Missing or invalid parameters
|
The installer provides a clue as regards to the issue; however, in case of errors in the manfiest file HCL syntax, these can
be misguiding. If you see "Type errors", check the formatting of the configuration manifest.
The manifest file can also be passed as a simple JSON file. Use the following converter to validate/convert: https://www.hcl2json.com/
|
Certificate Error
|
The ESXi hosts that will run the Crosswork application and Crosswork Data Gateway VM must have NTP configured, or the initial
handshake may fail with "certificate not valid" errors.
|
Image upload takes a long time or upload is interrupted.
|
The image upload duration depends on the link and datastore performance and can be expected to take around 10 minutes or more.
If an upload is interrupted, the user needs to manually remove the partially uploaded image file from vCenter via the vSphere
UI.
|
vCenter authorization
|
The vCenter user needs to have authorization to perform the actions as described in Installation Prerequisites for VMware vCenter.
|
Floating VIP address is not reachable
|
The VRRP protocol requires unique router_id advertisments to be present on the network segment. By default, Crosswork uses
the ID 169 on the management and ID 170 on the data network segments. A symptom of conflict, if it arises, is that the VIP
address is not reachable. Remove the conflicting VRRP router machines or use a different network.
|
Crosswork VM is not allowing to log in
|
The password specified is not strong enough. Change the configuration manfiest and redeploy.
|
Error conditions such as:
Error: Error locking state: Error acquiring the state lock: resource temporarily unavailable
Error: error fetching virtual machine: vm not found
Error: Invalid index
|
These errors are common when re-running the installer after an initial run is interrupted (Control C, or TCP timeout, etc).
Remediation steps are:
-
Run the clean operation (./cw-installer.sh clean -m <your manifest here> ) OR remove the VM files manually from the vCenter.
-
Remove the state file (rm /data/crosswork-cluster.tfstate ) and retry.
|
Deployment fails with: Failed to validate Crosswork cluster initialization.
|
The clusters' seed VM is either unreachable or one or more of the cluster VMs have failed to get properly configured.
-
Check whether the VM is reachable, and collect logs from /var/log/firstBoot.log and /var/log/vm_setup.log
-
Check the status of the other cluster nodes.
|
The VMs are deployed but the Crosswork cluster is not being formed.
|
A successful deployment allows the operator logging in to the VIP or any cluster IP address to run the following command to
get the status of the cluster: sudo kubectl get nodes
A healthy output for a 3-node cluster is:NAME STATUS ROLES AGE VERSION
172-25-87-2-hybrid.cisco.com Ready master 41d v1.16.4
172-25-87-3-hybrid.cisco.com Ready master 41d v1.16.4
172-25-87-4-hybrid.cisco.com Ready master 41d v1.16.4
In case of a different output, collect the following logs: /var/log/firstBoot.log and /var/log/vm_setup.log
In addition, for any cluster nodes not displaying the Ready state, collect: sudo kubectl describe node <name of node>
|
The following error is displayed while uploading the image:
govc: The provided network mapping between OVF networks and the system network is not supported by any host.
|
The Dswitch on the vCenter is misconfigured. Please check whether it is operational and mapped to the ESXi hosts.
|
The VMs take a long time to deploy
|
The disk load on the vCenter plays a major role in cloning VM. To ease loaded systems, it is possible to run the VM install
operations in a serialized manner. On higher performance systems, run the deployment in parallel by passing the [-p] flag.
|
VMs deploy but install fails with Error: timeout waiting for an available IP address
|
Most likely cause would be an issue in the VM parameters provided or network reachability. Enter the VM host through the vCenter
console. and review and collect the following logs: /var/log/firstBoot.log and /var/log/vm_setup.log
|
On cluster node failure, the VIP is not transferred to the remaining nodes
|
Ensure that switch or the vCenter Dswitch connected the VMs allows IP address movement (Allow Forged Transmits in vCenter).
For more information, see VMware Settings.
|
When deploying on a vCenter, the following error is displayed towards the end of the VM bringup:
Error processing disk changes post-clone: disk.0: ServerFaultCode: NoPermission: RESOURCE (vm-14501:2000), ACTION (queryAssociatedProfile): RESOURCE (vm-14501), ACTION
(PolicyIDByVirtualDisk)
|
Enable Profile-driven storage. Query permissions for the vCenter user at the root level (i.e. for all resources) of the vCenter.
|
Installer reports plan to add more resources than the current numbr of VMs
|
Other than the Crosswork cluster VMs, the installer tracks a couple of other meta-resources. Thus, when doing an installation
of, say a 3-VM cluster, the installer may report a "plan" to add more resources than the number of VMs.
|
On running or cleaning, installer reports Error: cannot locate virtual machine with UUID "xxxxxxx": virtual machine with UUID "xxxxxxxx" not found
|
To resolve, remove the /data/crosswork-cluster.tfstate file.
The installer uses the tfstate file stored as /data/crosswork-cluster.tfstate to maintain the state of the VMs it has operated upon. If a VM is removed outside of the installer, that is through the vCenter
UI, this state is out of synchronization.
|
The following error is displayed if the Crosswork password is not complex enough:
Error: Invalid value for variable on cluster_vars.tf line 113:
├────────────────
This was checked by the validation rule at cluster_vars.tf:115,3-13.
Error: expected length of name to be in the range (1 - 80), got
with data.vsphere_virtual_machine.template_from_ovf,
on main.tf line 32, in data "vsphere_virtual_machine" "template_from_ovf":
32: name = var.Cw_VM_Image
Mon Aug 21 18:52:47 UTC 2023: ERROR: Installation failed.
Check installer and the VMs' log by accessing via console and viewing /var/log/firstBoot.log
|
To resolve, ensure to create a strong password.
The password must be at least 8-characters long and should include upper & lower case letters, numbers, and special characters.
Avoid using passwords similar to dictionary words (for example, "Pa55w0rd!") or relatable words (for example, C!sco123 or
Cwork321!). While they satisfy the criteria, such passwords are weak and will result in the failure of VM setup.
|